Standardised Privacy Policies: A Post-mortem and Promising Developments Presentation for W3C Workshop: Privacy and User-Centric Controls, Berlin 21.11.2014 Reuben Binns [email protected] @RDBinns
Standardised Privacy Policies:A Post-mortem and
Promising Developments
Presentation for W3C Workshop: Privacy and User-Centric Controls,
Berlin 21.11.2014
Reuben [email protected]
@RDBinns
mailto:[email protected]
Incentives● Creating a standard is costly● Adopting a standard is costly● Extra scrutiny = loss of reputation
Network Effects● Collective action problem● Unilateral effort from
multiple stakeholders: organisations, browsers, intermediaries, users
● Too many standards dilute efforts.
“Aptosis Network” by Simon Cocknell, used under Creative Commons Attribution Generic 2.0 License
Legalese -> human -> machine ● Loss, addition or mutation
of meaning● Questionable legal standing● Requires combination of
skills from radically different domains
“License Layers” by Creative Commons, used under Creative Commons Attribution 3.0 License
“Wouldn't it be great if we had standardised templates for privacy policies?”
Platform for Privacy Preferences http://www.w3c.org/P3P (1997 – 4 years before CC!)Mozilla Privacy Icons http://www.azarask.in/blog/post/privacy (2010)Privacy simplified http://yale.edu/self/psindex.html (2012)Privacy commons http://www.privacycommons.org (2009)Khula project http://www.khulaproject.com/ (2011)Open Digital http://blog.opendigital.org/2012/03/identonomics (2012)Know privacy http://www.knowprivacy.org (2009)Netzpolitik (2007)European privacy open space http://www.privacyos.eu (2009)Privacy Icons (for email) http://privicons.org/ (2011)Clearware http://www.clearware.org (2006)Privacy labels http://cups.cs.cmu.edu/privacyLabel/ (2010)Internet Governance Forum http://identityproject.lse.ac.uk/mary.pdf (2006)I agree to http://www.iagreeto.org (2011)Standard Label http://standardlabel.org/ (2012)OwnTerms http://ownterms.pbworks.com/w/page/6985495/FrontPage (2009)Lex publica http://lexpubli.ca/ (2010).Portability Policy http://portabilitypolicy.org/generator.htmlIubenda http://www.iubenda.comPrivacyChoice http://www.privacychoice.orgDisconnect https://disconnect.me/iconsOpen Notice http://www.opennotice.orgToS;DR http://www.tosdr.org
http://www.w3c.org/P3Phttp://www.azarask.in/blog/post/privacyhttp://yale.edu/self/psindex.htmlhttp://www.privacycommons.org/http://blog.opendigital.org/2012/03/identonomicshttp://www.knowprivacy.org/http://www.privacyos.eu/http://privicons.org/http://www.clearware.org/http://cups.cs.cmu.edu/privacyLabel/http://identityproject.lse.ac.uk/mary.pdfhttp://www.iagreeto.org/http://standardlabel.org/http://ownterms.pbworks.com/w/page/6985495/FrontPagehttp://lexpubli.ca/http://portabilitypolicy.org/generator.htmlhttp://www.iubenda.com/http://www.privacychoice.org/https://disconnect.me/iconshttp://www.opennotice.org/http://www.tosdr.org/
Promising Developments● Efficient regulatory compliance● Digitised legal work (robo-lawyers)● Independent / crowd-sourced ratings● Natural language processing and machine
learning
“How fair is your contract? Find out in seconds.” - LegalSifter.com